Typosquatt alert ! Malicious npm Package: nyc-config
Possible typosquatting against @istanbuljs/load-nyc-config with ~25M weekly downloads.
Read the full article1y ago
You might also wanna read

What is typosquatting and how typosquatting attacks are responsible for malicious modules in npm
Snyk·5y ago

Snyk finds 200+ malicious npm packages, including Cobalt Strike dependency confusion attacks
Snyk recently discovered overt 200 malicious packages in the npm registry. While we acknowledge that vulnerability fatigue is an issue for d
Snyk·4y ago
TanStack NPM Packages Compromised
Article URL: Comments URL: Points: 38 # Comments: 3
github.com·2mo ago
NPM: Issues with package install, package publish, and login
Article URL: Comments URL: Points: 4 # Comments: 1
status.npmjs.org·1y ago
Malicious packages found to be typo-squatting in Python Package Index
A summary of two malicious typo-squatting packages recently removed from the Python Package Index.
Snyk·6y ago
MAL-2026-10081: Malicious code in webrix-docs1 (npm)
--- _-= Per source details. Do not edit below this line.=-_ ## Source: amazon-inspector (20cdefe1415c5b5245f36b10ea0de9033433b479768c2cc785a
radar.offseq.com·16h ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.